CVE-2025-55254
Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow execution of malicious code in certain web pages...
CVE-2025-55254
The CVE-2025-55254 entry concerns HCL BigFix Remote Control Lite Web Portal, affected in versions 10.1.0.0326 and lower. The root cause is improper management of path-relative stylesheet imports, described as a Path-relative stylesheet import (PRSSI) issue, enabling potential malicious code execu...
CVE-2025-55254 HCL BigFix Remote Control is vulnerable to a Path-relative stylesheet import (PRSSI)
Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower may allow execution of malicious code in certain web pages...
PT-2025-51915
Name of the Vulnerable Software and Affected Versions: HCL BigFix Remote Control Lite Web Portal versions 10.1.0.0326 and lower. Description: A flaw exists in the way the software handles path-relative stylesheet imports. This could allow for the execution of malicious code within specific web pages...
CVE-2025-62187
In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux (media file pathnames are not necessarily relative to the media folder)...
EUVD-2022-0723
Malicious code in bioql PyPI...
Security Bulletin: The IBM® Engineering Lifecycle Management - Jazz Foundation is impacted by Path Relative Stylesheet Import vulnerability.
Summary: A vulnerability has been identified in IBM Engineering Lifecycle Management - Jazz Foundation, due to a Path-Relative Stylesheet Import (PRSSI). This bulletin contains information regarding vulnerabilities and remediation actions. Vulnerability Details: CVEID: CVE-2024-43184 DESCRIPTION: IBM...
Linux Distros Unpatched Vulnerability : CVE-2021-23518
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The package cached-path-relative before 1.1.0 is vulnerable to Prototype Pollution via the cache variable that is set as {} instead of Object.create(null) in the...
Linux Distros Unpatched Vulnerability : CVE-2018-16472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all...
SUSE CVE-2024-39338
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs...
GHSA-8HC4-VH64-CXMJ Server-Side Request Forgery in axios
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs...
DEBIAN-CVE-2024-39338
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs...
UBUNTU-CVE-2024-39338
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs...
Axios security vulnerability
Axios is an open-source, Promise-based HTTP client (Promise being a solution for asynchronous programming). Axios version 1.7.2 has a security vulnerability that stems from susceptibility to a server-side request forgery attack, where a request for a path-relative URL is processed as a...
DLA-3221-1 node-cached-path-relative - security update
Bulletin has no description...
Debian: Security Advisory (DLA-3221-1)
The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian dla-3221 : node-cached-path-relative - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3221 advisory. Debian LTS Advisory DLA-3221-1...